Risk assessment relating to the Opal card

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

ACCG358 – Assignment 2

Table of Contents

1.0 Executive Summary
2.0 Background to the Case
3.0 IS Risks
  3.1 Usability Risk
    3.1.1 Loss of data risk
    3.1.2 Readability Risk
  3.2 Security Risk
    3.2.1 Fraudulent Activity Risk
    3.2.2 Theft of personal data
4.0 Audit Plan and Objectives
  4.1 Audit Plan
  4.2 Audit Objectives
5.0 Interview Questions and Documents

1.0 Executive Summary

1.1 Introduction

1.2 Body

1.3 Conclusion

2.0 Background to the Case

The Opal card is a contactless smartcard at the centre of the new electronic ticketing system implemented by Cubic Transportation Systems (CTS). It allows the user to top up a balance either manually (via Opal top-up machines) or automatically from a linked credit card. The card is tapped on Opal card readers where the trip begins and ends; the fare is calculated automatically and deducted from the balance on the card. If a trip has been started but not finished (the card is tapped only once within a day), a default fare is charged to the card. The Opal card needs to abide by the Identification cards - Contactless integrated circuit cards standard (ISO/IEC 14443), which specifies its physical dimensions (85.60 mm × 54.00 mm × 0.76 mm), radio frequency (13.56 MHz), anti-collision process (bit-collision detection protocol) and transmission protocol (half-duplex block transmission protocol). The new ticketing system is being introduced gradually throughout the greater Sydney region, across all 190 stations of the Sydney train network by 28 March 2014, and then further extended to include “52 more stations on the South Coast Line to Wollongong, Port Kembla and Bomaderry, as well as the Southern Highlands Line to Goulburn” by April 4 (McKenny, 2014). It will need to accommodate more than “304 million passengers per year, averaging at about 1.5 million trips each working day” (PRWEB, 2014).

3.0 IS Risks

Information System (IS) risks can exist in many parts of an IS, including security, privacy, economic and implementation risks. In order to accurately measure the level of each risk proposed, the audit risk model below is used to calculate the audit risk:

3.1 Usability Risk

Usability risks are defined to be the risks that emerge as the Opal card is used on a more regular basis, such as loss of data and readability risk.

3.1.1 Loss of data risk

The core functionality of the Opal card is that the balance is stored on the smartcard and read back when needed. This data can be lost because Opal cards are often kept in wallets, where the microchip is exposed to fairly harsh conditions. The estimated level of audit risk is AR = 0.8 × 0.3 × 0.1 = 2.4%. The microchip is fairly easily damaged; however, various methods can be implemented to detect or correct the resulting corruption. The impact of data loss on a smartcard can be detrimental to CTS's reputation, as the card stores a balance. If this occurs frequently and numerous Opal cards are damaged, CTS loses credibility.

3.1.2 Readability Risk

The Opal card will eventually need to handle an average of 1.5 million trips per working day. This volume of users may cause severe delays in accessing train stations if the readability of Opal cards is low. Low readability could be caused by deteriorated microchips, prolonged usage of a single card, or insufficient radio power to pass through material such as a wallet. The estimated AR is 0.1 × 0.8 × 0.2 = 1.6%. The main business prospect of the Opal card is to improve ticketing for passengers. If the Opal card is unable to do this, it would result in complaints and a poor reputation similar to those CityRail experienced.

3.2 Security Risk

Security risks are defined to be any form of risk that results in a possible threat to the user or the system; this includes a fraudulent balance on an Opal card or a leak of personal information (locations travelled with the Opal card).

3.2.1 Fraudulent Activity Risk

Opal cards are exposed to criminal activity, as the card itself is physically in the user's hands and can be experimented with at any time. This means that a user may physically disassemble the card, for example using acids or abrasives, to obtain unrestricted access to the on-board microprocessor. The AR is estimated to be 0.1 × 0.9 × 0.3 = 2.7%: it is highly unlikely but theoretically possible, as information on the smartcard can be recovered if the encryption is a symmetric block cipher, or information can be recovered about the asymmetric ciphers used. There is currently no control mechanism by which the reader can determine whether a valid smartcard contains fraudulent information.
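As an added illustration of both the loss-of-data risk in 3.1.1 and the fraudulent-balance risk above (example code written for this page, not CTS's or the Opal system's own design), the Python below stores a balance record with two checks a reader can apply: the CRC_A defined in ISO/IEC 14443-3, which detects the accidental bit changes of a damaged chip, and a per-card HMAC, which detects a balance that was rewritten without the card's key. The record layout, the field names, the placeholder master key and the key-diversification scheme are all assumptions; the two mirrored copies in recover_balance are one of the "various methods" for correcting corruption rather than anything the page attributes to the Opal card.

```python
import hashlib
import hmac
import struct

# ISO/IEC 14443-3 CRC_A: CRC-16, polynomial 0x1021, initial value 0x6363.
# Annex B of the standard gives the check bytes A0 1E for the data 00 00 and
# 26 CF for 12 34 (least-significant byte first), i.e. 0x1EA0 and 0xCF26 here.
def crc_a(data: bytes) -> int:
    crc = 0x6363
    for byte in data:
        byte ^= crc & 0xFF
        byte ^= (byte << 4) & 0xFF
        crc = ((crc >> 8) ^ (byte << 8) ^ (byte << 3) ^ (byte >> 4)) & 0xFFFF
    return crc

# Constructed record layout (an assumption, not the Opal card's real format):
#   card_id[4] | balance_cents[4] | txn_counter[4] | crc_a[2] | mac[16]
HEADER = struct.Struct(">4sII")
MAC_LEN = 16
RECORD_LEN = HEADER.size + 2 + MAC_LEN

# Placeholder issuer master key (constructed); a real one would live in an HSM.
MASTER_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f" * 2)

def card_key(card_id: bytes) -> bytes:
    """Diversify the master key per card (assumed scheme): a key recovered from
    one decapsulated chip is of no use against any other card."""
    return hmac.new(MASTER_KEY, b"balance-mac:" + card_id, hashlib.sha256).digest()

def encode_record(card_id: bytes, balance_cents: int, counter: int) -> bytes:
    header = HEADER.pack(card_id, balance_cents, counter)
    crc = struct.pack("<H", crc_a(header))
    mac = hmac.new(card_key(card_id), header, hashlib.sha256).digest()[:MAC_LEN]
    return header + crc + mac

def verify_record(record: bytes):
    """Return (status, fields); fields is (card_id, balance_cents, counter) only when status is "ok"."""
    if len(record) != RECORD_LEN:
        return "bad_length", None
    header = record[:HEADER.size]
    (crc,) = struct.unpack("<H", record[HEADER.size:HEADER.size + 2])
    mac = record[HEADER.size + 2:]
    # CRC first: a damaged chip returns changed bits and the CRC no longer matches.
    if crc_a(header) != crc:
        return "corrupted", None
    card_id, balance_cents, counter = HEADER.unpack(header)
    # MAC second: a rewritten balance with a refreshed CRC still fails here,
    # because whoever wrote it did not hold this card's key.
    expected = hmac.new(card_key(card_id), header, hashlib.sha256).digest()[:MAC_LEN]
    if not hmac.compare_digest(mac, expected):
        return "tampered", None
    return "ok", (card_id, balance_cents, counter)

def recover_balance(copy_a: bytes, copy_b: bytes):
    """Two mirrored copies of the record are kept; use the most recent one that verifies."""
    verified = [fields for status, fields in map(verify_record, (copy_a, copy_b)) if status == "ok"]
    if not verified:
        return None          # both copies bad: the card is reissued, not trusted
    return max(verified, key=lambda fields: fields[2])

def demo():
    """Exercise the three outcomes on constructed records."""
    card = b"\x01\x02\x03\x04"
    good = encode_record(card, 2350, 7)            # $23.50 after 7 transactions
    damaged = bytearray(good)
    damaged[5] ^= 0x10                             # one flipped bit in the balance field
    altered_header = HEADER.pack(card, 99999, 8)   # balance rewritten, CRC refreshed, no key
    altered = altered_header + struct.pack("<H", crc_a(altered_header)) + good[-MAC_LEN:]
    return (verify_record(good)[0], verify_record(bytes(damaged))[0], verify_record(altered)[0])

if __name__ == "__main__":
    print(demo())   # ('ok', 'corrupted', 'tampered')
```

The order of the two checks matters for the audit: a CRC failure is evidence of the usability risk (a damaged card to replace), while a CRC that matches but a MAC that does not is evidence of the security risk, and the two can be counted separately during substantive testing of sampled balances.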

3.2.2 Theft of personal data

The Opal card must follow the ISO 14443 standard, under which the card must actively allow a read at a range of up to 3 to 5 cm in practice. This means that with dedicated amplifiers, antennas and sniffers it is theoretically possible to extend this range to 1.5 m (Sum, 2012). This was shown in the Trifinite experiment, where Bluetooth range was extended from 10 m to 1.7 km (Trifinite, 2004). AR = 0.01 × 1.0 × 0.9 = 0.9%. There is currently no control mechanism that prevents Opal card data from being received by a non-Opal card reader. However, the likelihood of this being a practical problem is quite low.

4.0 Audit Plan and Objectives

4.1 Audit Plan

The audit plan is based on James Hall's structure of an IT audit (James Hall, 2012). He categorises the audit plan into three phases:

  1. Audit Planning: The process in which an auditor examines the nature of the business and gathers information to attain a thorough understanding of the business and its environment. For the Opal card specifically, this means gathering the exact specifications, such as physical dimensions, radio frequency, anti-collision processes, transmission protocols and the encryption methods used. This allows the auditor to determine what the inherent risks are and to calculate the audit risk.
  2. Test of Controls: The process in which the control mechanisms are tested to determine whether they are effective and efficient at what they are doing. The controls are then rated according to the quality of the internal controls and given a measure (control risk) that is used to calculate the audit risk later. Specifically, this means testing the control mechanisms of the Opal card, such as the validation process, to determine the boundaries of what is an acceptable “Opal” card.
  3. Substantive Testing: This phase consists of in-depth analysis of data, where the data is thoroughly investigated from its origin, indicating the accuracy of the sample data. Specifically, the balances kept on Opal cards should be sampled and examined for fake or corrupted data, allowing the auditor to determine the detection risk for corrupted data.

4.2 Audit Objectives

The objective of the audit is to determine whether CTS has mitigated at least 50% of the risk.

5.0 Interview Questions and Documents

6.0 Recommendation

7.0 References
